windows.renovatedeals.com
2606:4700:3031::ac43:a556  Public Scan

URL: https://windows.renovatedeals.com/
Submission Tags: @phishunt_io
Submission: On November 20 via api from ES

Summary

This website contacted 13 IPs in 3 countries across 10 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3031::ac43:a556, located in United States and belongs to CLOUDFLARENET, US. The main domain is windows.renovatedeals.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 18th 2020. Valid for: a year.
This is the only time windows.renovatedeals.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

 | Domain | Requested by
6 | windows.renovatedeals.com (2 redirects) | windows.renovatedeals.com
4 | api.trustedform.com (1 redirects) | api.trustedform.com, cdn.trustedform.com
2 | bam.nr-data.net | js-agent.newrelic.com
2 | cdn.trustedform.com | windows.renovatedeals.com, api.trustedform.com
2 | i.ibb.co | windows.renovatedeals.com, cdn.trustedform.com
2 | fonts.gstatic.com | fonts.googleapis.com
2 | fonts.googleapis.com | windows.renovatedeals.com
2 | flipforms-production.s3.us-west-2.amazonaws.com | windows.renovatedeals.com
1 | js-agent.newrelic.com | windows.renovatedeals.com
1 | stackpath.bootstrapcdn.com | windows.renovatedeals.com
1 | cdnjs.cloudflare.com | windows.renovatedeals.com
22 | 11

This site contains links to these domains.

Domain
lendingarch.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-06-18 - 2021-06-18 | a year
*.s3-us-west-2.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2020-07-30 - 2021-08-04 | a year
upload.video.google.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2020-09-22 - 2021-10-12 | a year
*.gstatic.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months
ibb.co | Let's Encrypt Authority X3 | 2020-10-02 - 2020-12-31 | 3 months
cdn.trustedform.com | Amazon | 2020-06-12 - 2021-07-12 | a year
f4.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-10-23 - 2021-05-07 | 6 months
*.trustedform.com | Amazon | 2020-11-11 - 2021-12-10 | a year
*.nr-data.net | DigiCert SHA2 Secure Server CA | 2020-02-05 - 2022-02-08 | 2 years

This page contains 1 frames:

Primary Page: https://windows.renovatedeals.com/
Frame ID: BBA4938B7E3113D2B1577782BF08449B
Requests: 22 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 22
HTTPS: 100 %
IPv6: 54 %
Domains: 10
Subdomains: 11
IPs: 13
Countries: 3
Transfer: 355 kB
Size: 795 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://windows.renovatedeals.com/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBbEFDIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--09586259d572f8b4bc31ad13447560fbda610e3f/renovatedeals-logo-horizontal@3x.png HTTP 302
  • https://flipforms-production.s3.us-west-2.amazonaws.com/N4PFxmzT9VsKyESNvR6X9ydj?response-content-disposition=inline%3B%20filename%3D%22renovatedeals-logo-horizontal%25403x.png%22%3B%20filename%2A%3DUTF-8%27%27renovatedeals-logo-horizontal%25403x.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJ573MUMQROG576RQ%2F20201120%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Date=20201120T181201Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=29c242386f438895a4abb2ba5b5821083531c42ff1002d6c9c37bf4a29a212ae
Request Chain 10
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16058959214300.09953007110282153&invert_field_sensitivity=false HTTP 302
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16058959214300.09953007110282153&invert_field_sensitivity=false
Request Chain 17
  • https://windows.renovatedeals.com/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBbEFDIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--09586259d572f8b4bc31ad13447560fbda610e3f/renovatedeals-logo-horizontal@3x.png HTTP 302
  • https://flipforms-production.s3.us-west-2.amazonaws.com/N4PFxmzT9VsKyESNvR6X9ydj?response-content-disposition=inline%3B%20filename%3D%22renovatedeals-logo-horizontal%25403x.png%22%3B%20filename%2A%3DUTF-8%27%27renovatedeals-logo-horizontal%25403x.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJ573MUMQROG576RQ%2F20201120%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Date=20201120T181203Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=7da2b8dfeeaa7069a76f8bcce285ba3cc9fae9b9877f87b9b2766950718d7eea

22 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
windows.renovatedeals.com/
22 KB
8 KB
Document
General
Full URL
https://windows.renovatedeals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42c9c866b93ceedb89811962af0b0df59fb77b5779632f7627e93d9dec88a848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
windows.renovatedeals.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 20 Nov 2020 18:12:00 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dc14ab0945fa007e28bc83ed783b07b381605895919; expires=Sun, 20-Dec-20 18:11:59 GMT; path=/; domain=.renovatedeals.com; HttpOnly; SameSite=Lax _project_session=iJ%2FTLMYHIzw%2FE8GBVxcIR5UVvurRupvtinGFKrLSGARCPkVHuRuJyzpfbjdBW4ViISHxK1rwj41pFNFfQtNGWmCt4j32dF4hO4EzspJIDhgc3ffMClLo4mpf60PI%2FiRMmjRFse8MboMIsCXjntd1z3PCTME8wHhNE1W5nFMejRyjbA%3D%3D--OFX1mS3S5UGbIkCg--ixCNga4YvpW5mVXj1tPw5w%3D%3D; path=/; secure; HttpOnly
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
referrer-policy
strict-origin-when-cross-origin
cache-control
max-age=0, private, must-revalidate
x-request-id
ec070810-4215-41a8-967f-81fbbe008384
x-runtime
0.186896
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
cf-cache-status
DYNAMIC
cf-request-id
0688743008000016e68038a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mbyZtirv90P%2FKRtcEvU4ZGR%2FidBufaF5ctqHiBuKuXbj3Og4g%2FpxkqM%2FGDj6UPrlKoaFKmqpJ%2BALZgKJFtoP8bgDOPYClTOLE14Kn9wk8njLPkASRliSvOfuYbwGq%2FGqi3Cl3T2x"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5f5422f9a96c16e6-FRA
content-encoding
br
application-0b7833b024c87515cde055c91ed6d994bb6063e017925942746d61e0ccc8cc38.css
windows.renovatedeals.com/assets/frontend/
138 KB
22 KB
Stylesheet
General
Full URL
https://windows.renovatedeals.com/assets/frontend/application-0b7833b024c87515cde055c91ed6d994bb6063e017925942746d61e0ccc8cc38.css
Requested by
Host: windows.renovatedeals.com
URL: https://windows.renovatedeals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b7833b024c87515cde055c91ed6d994bb6063e017925942746d61e0ccc8cc38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windows.renovatedeals.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
5f5422fe5bec16e6-FRA
date
Fri, 20 Nov 2020 18:12:00 GMT
via
1.1 vegur
cf-cache-status
MISS
last-modified
Thu, 09 Apr 2020 21:34:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YxMFucAfn%2F6aAA39ExLce%2Bgm7cCds34icArUel2xo1mRHafNkgDC23vKKr%2FHo6JRtI%2BFUwreGU7XScsKyENv%2FhT4nvTo5q%2BGoGlXKho4XYwrCct2riK5sNXSFoU774szOd4ArFw6"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-request-id
06887432f6000016e6803d2000000001
theme1-68eabec30ab136d42864b2447804f98bca0603075c042beae6122bf6244ed71d.css
windows.renovatedeals.com/assets/themes/
4 KB
1 KB
Stylesheet
General
Full URL
https://windows.renovatedeals.com/assets/themes/theme1-68eabec30ab136d42864b2447804f98bca0603075c042beae6122bf6244ed71d.css
Requested by
Host: windows.renovatedeals.com
URL: https://windows.renovatedeals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68eabec30ab136d42864b2447804f98bca0603075c042beae6122bf6244ed71d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windows.renovatedeals.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
5f5422fe5bee16e6-FRA
date
Fri, 20 Nov 2020 18:12:00 GMT
via
1.1 vegur
cf-cache-status
MISS
last-modified
Thu, 09 Apr 2020 21:34:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mgdCz5A45QrfgUihji%2FczP5CKdMQSiHbNVX0MqLhh4BucCBj28kJskcT%2FpfwVZQGzkJMt423fxYlvQjK4xO8NYt8rwt9MFcDy0xgKkDDJ6YsrW1GzrTg34EkNQyy%2BCNzvE0G84Zr"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-request-id
06887432f8000016e68e1bb000000001
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/
52 KB
16 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js
Requested by
Host: windows.renovatedeals.com
URL: https://windows.renovatedeals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
Security Headers
Name Value
Strict-Transport-Security max-age=15780000

Request headers

Origin
https://windows.renovatedeals.com
Referer
https://windows.renovatedeals.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 20 Nov 2020 18:12:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
26029
x-via
cfworker/kv
cross-origin-resource-policy
cross-origin
content-length
15508
cf-request-id
06887432ef0000d715201aa000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
etag
"5eb03f26-d04c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kBPc4RFcoImHWft364A6Gbsd6Td0dgoBs5szn%2FBuReKlr5%2B7MGBaYUSCZh9BWW4M%2BWCGk1XNg5vFbmnGTx3BHyzto2vfdkxFm%2FJ69Sa0qpSFNAToE4SBeipLaT1kPFG92w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5f5422fe4dd8d715-FRA
expires
Wed, 10 Nov 2021 18:12:00 GMT
application-dafebe4ff16aed191e41b269c2316784ec3841bf5bff10c89abc9511adef4215.js
windows.renovatedeals.com/assets/frontend/
250 KB
72 KB
Script
General
Full URL
https://windows.renovatedeals.com/assets/frontend/application-dafebe4ff16aed191e41b269c2316784ec3841bf5bff10c89abc9511adef4215.js
Requested by
Host: windows.renovatedeals.com
URL: https://windows.renovatedeals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dafebe4ff16aed191e41b269c2316784ec3841bf5bff10c89abc9511adef4215
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://windows.renovatedeals.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
5f5422fe5bf016e6-FRA
date
Fri, 20 Nov 2020 18:12:00 GMT
via
1.1 vegur
cf-cache-status
MISS
last-modified
Fri, 13 Dec 2019 19:20:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yUNzA4xrafNXjMIXOZHL%2B%2FbGyQrdtK%2F85V9t9jQDvifBMch%2FH%2Brm7MWpuVk0FoJpV6VEao%2FFT2B2rKZgGLuFQu9NMY1Uxf%2Fy%2FdMfYtsZKP3YaSgNJTXc%2BGFGZ69a6FUzMVSgom6k"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-request-id
06887432f7000016e6690d7000000001
N4PFxmzT9VsKyESNvR6X9ydj
flipforms-production.s3.us-west-2.amazonaws.com/
Redirect Chain
  • https://windows.renovatedeals.com/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBbEFDIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--09586259d572f8b4bc31ad13447560fbda610e3f/renovatedeals...
  • https://flipforms-production.s3.us-west-2.amazonaws.com/N4PFxmzT9VsKyESNvR6X9ydj?response-content-disposition=inline%3B%20filename%3D%22renovatedeals-logo-horizontal%25403x.png%22%3B%20filename%2A%...
78 KB
79 KB
Image
General
Full URL
https://flipforms-production.s3.us-west-2.amazonaws.com/N4PFxmzT9VsKyESNvR6X9ydj?response-content-disposition=inline%3B%20filename%3D%22renovatedeals-logo-horizontal%25403x.png%22%3B%20filename%2A%3DUTF-8%27%27renovatedeals-logo-horizontal%25403x.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJ573MUMQROG576RQ%2F20201120%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Date=20201120T181201Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=29c242386f438895a4abb2ba5b5821083531c42ff1002d6c9c37bf4a29a212ae
Requested by
Host: windows.renovatedeals.com
URL: https://windows.renovatedeals.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.152.65 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a40c6a716c4f0e86ff3fc6112a67850ad79d89b6fae22690fc17eab221ab1109

Request headers

Referer
https://windows.renovatedeals.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 20 Nov 2020 18:12:03 GMT
Last-Modified
Tue, 09 Jun 2020 21:03:30 GMT
Server
AmazonS3
x-amz-request-id
ED194E0A12DB8999
ETag
"abaff25468e5a722d972ea0c84fcd19e"
Content-Type
image/png
Content-Disposition
inline; filename="renovatedeals-logo-horizontal%403x.png"; filename*=UTF-8''renovatedeals-logo-horizontal%403x.png
Accept-Ranges
bytes
Content-Length
80292
x-amz-id-2
W4yp3yHeG687lxaj5ynXiM/AqaZ56VhCRm9O2b6L6cDYZY4Nh+ntLpQbE1fukfrthJkdsEgOFwQ=

Redirect headers

date
Fri, 20 Nov 2020 18:12:01 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rDacQTaIuOWgAQs4VsWjnKHYLqa96YcXVM3DoeO%2BeJ8ps%2FJMosR4saNvK09xml5UFpUh8tgh%2Bz%2BGdDifP7GreXv8JozinyWp8Cc0V3PTwnySjED7z0%2FaZfKvIKHHKitjy%2BqZeyo3"}],"group":"cf-nel","max_age":604800}
vary
Accept-Encoding
cf-request-id
0688743560000016e646b96000000001
x-request-id
b62fc545-c0d7-4685-8a5f-e0c6f55dcc2b
x-runtime
0.009607
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
text/html; charset=utf-8
location
https://flipforms-production.s3.us-west-2.amazonaws.com/N4PFxmzT9VsKyESNvR6X9ydj?response-content-disposition=inline%3B%20filename%3D%22renovatedeals-logo-horizontal%25403x.png%22%3B%20filename%2A%3DUTF-8%27%27renovatedeals-logo-horizontal%25403x.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJ573MUMQROG576RQ%2F20201120%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Date=20201120T181201Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=29c242386f438895a4abb2ba5b5821083531c42ff1002d6c9c37bf4a29a212ae
x-xss-protection
1; mode=block
cache-control
max-age=300, private
cf-ray
5f5423023cb516e6-FRA
css
fonts.googleapis.com/
5 KB
969 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,700,900&display=swap
Requested by
Host: windows.renovatedeals.com
URL: https://windows.renovatedeals.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e4a26da607102ac68a861ae33bda576bdd72b9c7a2200e87b14351a389ee1509
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://windows.renovatedeals.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 20 Nov 2020 18:12:00 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Fri, 20 Nov 2020 18:12:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Fri, 20 Nov 2020 18:12:00 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: windows.renovatedeals.com
URL: https://windows.renovatedeals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://windows.renovatedeals.com
Referer
https://windows.renovatedeals.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 20 Nov 2020 18:12:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
css
fonts.googleapis.com/
7 KB
813 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap
Requested by
Host: windows.renovatedeals.com
URL: https://windows.renovatedeals.com/assets/themes/theme1-68eabec30ab136d42864b2447804f98bca0603075c042beae6122bf6244ed71d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
93960813a7dc20957f385588cd885ca2f13e43b269e8454f9a7bdea6273573fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://windows.renovatedeals.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 20 Nov 2020 17:50:16 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Fri, 20 Nov 2020 18:12:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Fri, 20 Nov 2020 18:12:00 GMT
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://windows.renovatedeals.com
Referer
https://fonts.googleapis.com/css?family=Poppins:300,400,500,700,900&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 22:12:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:13 GMT
server
sffe
age
503955
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
expires
Sun, 14 Nov 2021 22:12:46 GMT
la-debt-call-button-big.png
i.ibb.co/M6RQYgs/
7 KB
8 KB
Image
General
Full URL
https://i.ibb.co/M6RQYgs/la-debt-call-button-big.png
Requested by
Host: windows.renovatedeals.com
URL: https://windows.renovatedeals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.112.130 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
openresty /
Resource Hash
4ee67f0308f5c34f54e477de7b5574db3ad7f2472700f7569da4fdd0d4945c61

Request headers

Referer
https://windows.renovatedeals.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 20 Nov 2020 18:12:01 GMT
last-modified
Thu, 23 Apr 2020 19:31:01 GMT
server
openresty
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
7660
expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap.js
cdn.trustedform.com/
Redirect Chain
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16058959214300.09953007110282153&invert_field_sensitivity=false
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16058959214300.09953007110282153&invert_field_sensitivity=false
14 KB
6 KB
Script
General
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16058959214300.09953007110282153&invert_field_sensitivity=false
Requested by
Host: windows.renovatedeals.com
URL: https://windows.renovatedeals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a800:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f4714e7ffeea0da8f370855f28fd03ae845a117e2f7330862a329b1d146d62b

Request headers

Referer
https://windows.renovatedeals.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 20 Nov 2020 18:12:02 GMT
content-encoding
gzip
last-modified
Wed, 18 Nov 2020 15:49:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
W/"8b10fdfd5c09716ec7018d425572055a"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-version-id
lvhhc_DjQIDKUq32BaUIv7CIEAPzTfLj
x-amz-cf-id
gxy-RiIGL-IVmIwOx5vKi7VbmgcdXf9pR-y7RI97d25kR8ItFLISwA==

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16058959214300.09953007110282153&invert_field_sensitivity=false
date
Fri, 20 Nov 2020 18:12:01 GMT
server
awselb/2.0
content-length
110
content-type
text/html
pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,700,900&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://windows.renovatedeals.com
Referer
https://fonts.googleapis.com/css?family=Poppins:300,400,500,700,900&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 14 Nov 2020 22:12:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:44 GMT
server
sffe
age
503945
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
expires
Sun, 14 Nov 2021 22:12:56 GMT
nr-1184.min.js
js-agent.newrelic.com/
27 KB
11 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1184.min.js
Requested by
Host: windows.renovatedeals.com
URL: https://windows.renovatedeals.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77

Request headers

Referer
https://windows.renovatedeals.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 20 Nov 2020 18:12:02 GMT
content-encoding
gzip
x-amz-request-id
A21809B1C987C063
x-cache
HIT
content-length
10624
x-amz-id-2
5/0iWHe8AbcxZN6Jo3BmJ2Q+tztfRSNwr+lcNTrsM79nJm6KurTN6rNwf14f8ELquc1TIDOjlf4=
x-served-by
cache-hhn4062-HHN
last-modified
Mon, 28 Sep 2020 16:34:45 GMT
server
AmazonS3
x-timer
S1605895923.926422,VS0,VE0
etag
"3d7f312be60d08a2568e311e4762f3af"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
21873
certs
api.trustedform.com/
751 B
962 B
XHR
General
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16058959214300.09953007110282153&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.151.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-151-171.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
fce43f35812c6e0d68a729d1a50d3bba96ff43d3a6300c4dc8193de53cdb6a35

Request headers

Referer
https://windows.renovatedeals.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 20 Nov 2020 18:12:03 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
751
NRJS-fd0df3b9067b5adad43
bam.nr-data.net/1/
57 B
275 B
Script
General
Full URL
https://bam.nr-data.net/1/NRJS-fd0df3b9067b5adad43?a=491095843&v=1184.ab39b52&to=dF1ZREFeWQ1TSk0JWVpXGENGQ0METw%3D%3D&rst=3362&ck=1&ref=https://windows.renovatedeals.com/&qt=4&ap=187&be=761&fe=3231&dc=1839&perf=%7B%22timing%22:%7B%22of%22:1605895919591,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:13,%22c%22:13,%22s%22:18,%22ce%22:30,%22rq%22:31,%22rp%22:753,%22rpe%22:754,%22dl%22:756,%22di%22:1839,%22ds%22:1839,%22de%22:1844,%22dc%22:3231,%22l%22:3231,%22le%22:3232%7D,%22navigation%22:%7B%7D%7D&fp=1429&fcp=1847&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://windows.renovatedeals.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
trustedform-1.2.5.js
cdn.trustedform.com/
57 KB
20 KB
Script
General
Full URL
https://cdn.trustedform.com/trustedform-1.2.5.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16058959214300.09953007110282153&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a800:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6df2410d63dfd064e7747102b7b3e020817a63b8231fa9dab569a2ddb1cb27f5

Request headers

Referer
https://windows.renovatedeals.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
HRS0O1guHBXgXwoa2Qa71EzL8DdSCjKH
content-encoding
gzip
last-modified
Wed, 18 Nov 2020 15:49:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"4c715e765007f89f1ba1585fb7975c25"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
date
Fri, 20 Nov 2020 18:12:03 GMT
x-amz-cf-id
Y9MrjAfAEapwQ3e1Oo7a5lFUGCr3S6qG201juyzxpXxAkzWOkpyQ1w==
snapshot
api.trustedform.com/certs/219ff07942f8b0168e8be974127d620caf9c639d/
0
159 B
XHR
General
Full URL
https://api.trustedform.com/certs/219ff07942f8b0168e8be974127d620caf9c639d/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.2.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.151.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-151-171.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windows.renovatedeals.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 20 Nov 2020 18:12:03 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
N4PFxmzT9VsKyESNvR6X9ydj
flipforms-production.s3.us-west-2.amazonaws.com/
Redirect Chain
  • https://windows.renovatedeals.com/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBbEFDIiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--09586259d572f8b4bc31ad13447560fbda610e3f/renovatedeals...
  • https://flipforms-production.s3.us-west-2.amazonaws.com/N4PFxmzT9VsKyESNvR6X9ydj?response-content-disposition=inline%3B%20filename%3D%22renovatedeals-logo-horizontal%25403x.png%22%3B%20filename%2A%...
78 KB
79 KB
Image
General
Full URL
https://flipforms-production.s3.us-west-2.amazonaws.com/N4PFxmzT9VsKyESNvR6X9ydj?response-content-disposition=inline%3B%20filename%3D%22renovatedeals-logo-horizontal%25403x.png%22%3B%20filename%2A%3DUTF-8%27%27renovatedeals-logo-horizontal%25403x.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJ573MUMQROG576RQ%2F20201120%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Date=20201120T181203Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=7da2b8dfeeaa7069a76f8bcce285ba3cc9fae9b9877f87b9b2766950718d7eea
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.152.65 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a40c6a716c4f0e86ff3fc6112a67850ad79d89b6fae22690fc17eab221ab1109

Request headers

Referer
https://windows.renovatedeals.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 20 Nov 2020 18:12:04 GMT
Last-Modified
Tue, 09 Jun 2020 21:03:30 GMT
Server
AmazonS3
x-amz-request-id
6DEA638568A35F52
ETag
"abaff25468e5a722d972ea0c84fcd19e"
Content-Type
image/png
Content-Disposition
inline; filename="renovatedeals-logo-horizontal%403x.png"; filename*=UTF-8''renovatedeals-logo-horizontal%403x.png
Accept-Ranges
bytes
Content-Length
80292
x-amz-id-2
84emM98L/96AkYoY7DZtJTcplodxYXMOHEUlSJLlUUnO2ab8hf64dMOadxeMC5Wa8CVG/Ba9HJ8=

Redirect headers

date
Fri, 20 Nov 2020 18:12:03 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3uuDlEYI5QXJkMk%2B0ljT1CXQAZv59qEIHXdRXc2A%2B3LxjekZDOV9YfTAbEWBn2G3CtYoY%2B3TBHrjD%2BTfz3FR%2BeiT3tmYLZffXtERk4Iqg9JTfx%2FCyE%2FvDg8U9tFa1T6adJlWYx8%2F"}],"group":"cf-nel","max_age":604800}
vary
Accept-Encoding
cf-request-id
0688743ec3000016e6800f7000000001
x-request-id
b95878be-c979-4713-aacc-6832374c1d2e
x-runtime
0.009207
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
text/html; charset=utf-8
location
https://flipforms-production.s3.us-west-2.amazonaws.com/N4PFxmzT9VsKyESNvR6X9ydj?response-content-disposition=inline%3B%20filename%3D%22renovatedeals-logo-horizontal%25403x.png%22%3B%20filename%2A%3DUTF-8%27%27renovatedeals-logo-horizontal%25403x.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJ573MUMQROG576RQ%2F20201120%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Date=20201120T181203Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=7da2b8dfeeaa7069a76f8bcce285ba3cc9fae9b9877f87b9b2766950718d7eea
x-xss-protection
1; mode=block
cache-control
max-age=300, private
cf-ray
5f5423113fca16e6-FRA
la-debt-call-button-big.png
i.ibb.co/M6RQYgs/
7 KB
8 KB
Image
General
Full URL
https://i.ibb.co/M6RQYgs/la-debt-call-button-big.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.2.5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.112.130 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
openresty /
Resource Hash
4ee67f0308f5c34f54e477de7b5574db3ad7f2472700f7569da4fdd0d4945c61

Request headers

Referer
https://windows.renovatedeals.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 20 Nov 2020 18:12:03 GMT
last-modified
Thu, 23 Apr 2020 19:31:01 GMT
server
openresty
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
7660
expires
Thu, 31 Dec 2037 23:55:55 GMT
fingerprints
api.trustedform.com/certs/219ff07942f8b0168e8be974127d620caf9c639d/
0
159 B
XHR
General
Full URL
https://api.trustedform.com/certs/219ff07942f8b0168e8be974127d620caf9c639d/fingerprints
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.2.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.151.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-151-171.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://windows.renovatedeals.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 20 Nov 2020 18:12:03 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
NRJS-fd0df3b9067b5adad43
bam.nr-data.net/events/1/
24 B
192 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/NRJS-fd0df3b9067b5adad43?a=491095843&v=1184.ab39b52&to=dF1ZREFeWQ1TSk0JWVpXGENGQ0METw%3D%3D&rst=13362&ck=1&ref=https://windows.renovatedeals.com/
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://windows.renovatedeals.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://windows.renovatedeals.com
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require function| moment function| sendRange object| Mailcheck object| $jscomp object| Rails boolean| _rails_loaded object| ActiveStorage function| $ function| jQuery object| jQuery112403181607216609772 object| Turbolinks object| bootstrap object| toastr function| submitForm object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording

2 Cookies

Domain/Path Name / Value
windows.renovatedeals.com/ Name: _project_session
Value: o6WVimvX2yDB9UPMriwAuCYkkdkuEO%2BpZJXPwDFMw%2Bg084Ny6FiA7TsoTdwkU1nkXTdtWTL3M66IMhAAZ186ZDB3RAVf3S9a6N02wVcQtMhDRNMko04MFejc7r4cY%2BskNVn%2BC8mw%2FAunp34jJunsSvzO8MDqqvzprviIFwoy1V6Jew%3D%3D--wl6D3mRb7I%2BosaA3--O75zWuOu6WJrQhW0%2FDzuXQ%3D%3D
.renovatedeals.com/ Name: __cfduid
Value: dc14ab0945fa007e28bc83ed783b07b381605895919

3 Console Messages

Source Level URL
Text
console-api log URL: https://windows.renovatedeals.com/(Line 383)
Message:
page loaded
console-api log URL: https://windows.renovatedeals.com/(Line 397)
Message:
Page Position: 1
console-api log URL: https://windows.renovatedeals.com/(Line 386)
Message:
FADING IN

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
